211.105.132.5 - IPInfo

基本信息:

城市(city): unknown

省份(region): unknown

国家(country): Korea (Republic of)

运营商(isp): KT Corporation

主机名(hostname): unknown

机构(organization): unknown

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	Unauthorized connection attempt detected from IP address 211.105.132.5 to port 5555	2020-05-13 03:47:52

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 211.105.132.5
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 6369
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;211.105.132.5.			IN	A

;; AUTHORITY SECTION:
.			489	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2020051201 1800 900 604800 86400

;; Query time: 82 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed May 13 03:47:46 CST 2020
;; MSG SIZE  rcvd: 117

HOST信息:

Host 5.132.105.211.in-addr.arpa. not found: 3(NXDOMAIN)

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

** server can't find 5.132.105.211.in-addr.arpa: NXDOMAIN

最新评论:

IP	类型	评论内容	时间
157.230.220.179	attackspambots	$f2bV_matches	2020-10-05 04:41:41
165.232.102.102	attack	20 attempts against mh-ssh on soil	2020-10-05 04:53:04
117.69.154.57	attack	Oct 4 00:55:03 srv01 postfix/smtpd\[13707\]: warning: unknown\[117.69.154.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 00:58:30 srv01 postfix/smtpd\[21341\]: warning: unknown\[117.69.154.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 01:01:56 srv01 postfix/smtpd\[30998\]: warning: unknown\[117.69.154.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 01:02:08 srv01 postfix/smtpd\[30998\]: warning: unknown\[117.69.154.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Oct 4 01:02:25 srv01 postfix/smtpd\[30998\]: warning: unknown\[117.69.154.57\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ...	2020-10-05 04:42:52
134.175.186.149	attack	Fail2Ban Ban Triggered	2020-10-05 04:55:12
186.89.248.169	attackbotsspam	Icarus honeypot on github	2020-10-05 04:59:09
122.194.229.37	attack	Oct 4 20:16:12 ip-172-31-16-56 sshd\[14921\]: Failed password for root from 122.194.229.37 port 7128 ssh2\ Oct 4 20:16:16 ip-172-31-16-56 sshd\[14921\]: Failed password for root from 122.194.229.37 port 7128 ssh2\ Oct 4 20:16:19 ip-172-31-16-56 sshd\[14921\]: Failed password for root from 122.194.229.37 port 7128 ssh2\ Oct 4 20:16:22 ip-172-31-16-56 sshd\[14921\]: Failed password for root from 122.194.229.37 port 7128 ssh2\ Oct 4 20:16:25 ip-172-31-16-56 sshd\[14921\]: Failed password for root from 122.194.229.37 port 7128 ssh2\	2020-10-05 04:32:02
178.128.107.120	attackspambots	2020-10-04T18:52:49.210340bastion.rubrub.me sshd[12171]: Failed password for root from 178.128.107.120 port 36746 ssh2 2020-10-04T18:52:49.213171bastion.rubrub.me sshd[12171]: error: maximum authentication attempts exceeded for root from 178.128.107.120 port 36746 ssh2 [preauth] 2020-10-04T18:52:49.213258bastion.rubrub.me sshd[12171]: Disconnecting: Too many authentication failures [preauth] ...	2020-10-05 04:27:37
172.93.4.78	attackbots	firewall-block, port(s): 30313/tcp	2020-10-05 04:49:35
207.204.110.66	attack	php WP PHPmyadamin ABUSE blocked for 12h	2020-10-05 04:56:26
94.102.50.137	attackspambots	ET CINS Active Threat Intelligence Poor Reputation IP group 82 - port: 55522 proto: tcp cat: Misc Attackbytes: 60	2020-10-05 04:28:52
185.74.4.20	attackspam	Oct 5 02:02:08 itv-usvr-01 sshd[8140]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.74.4.20 user=root Oct 5 02:02:10 itv-usvr-01 sshd[8140]: Failed password for root from 185.74.4.20 port 56600 ssh2 Oct 5 02:06:00 itv-usvr-01 sshd[8271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.74.4.20 user=root Oct 5 02:06:01 itv-usvr-01 sshd[8271]: Failed password for root from 185.74.4.20 port 35860 ssh2	2020-10-05 05:02:45
27.128.173.81	attackspambots	Oct 4 20:14:12 *** sshd[21365]: User root from 27.128.173.81 not allowed because not listed in AllowUsers	2020-10-05 04:34:47
119.45.61.69	attackbots	Cowrie Honeypot: 3 unauthorised SSH/Telnet login attempts between 2020-10-04T10:57:24Z and 2020-10-04T11:04:02Z	2020-10-05 05:00:10
218.92.0.184	attackbotsspam	Oct 4 22:45:02 minden010 sshd[21985]: Failed password for root from 218.92.0.184 port 25598 ssh2 Oct 4 22:45:06 minden010 sshd[21985]: Failed password for root from 218.92.0.184 port 25598 ssh2 Oct 4 22:45:09 minden010 sshd[21985]: Failed password for root from 218.92.0.184 port 25598 ssh2 Oct 4 22:45:12 minden010 sshd[21985]: Failed password for root from 218.92.0.184 port 25598 ssh2 ...	2020-10-05 04:56:01
191.188.70.30	attackbots	Oct 4 19:25:01 master sshd[22049]: Failed password for root from 191.188.70.30 port 53450 ssh2	2020-10-05 04:41:10

最近上报的IP列表

181.114.145.134	181.39.233.14	249.150.70.28	179.176.106.236
179.100.44.92	60.55.143.131	168.197.159.188	162.158.187.108
156.204.55.43	125.160.114.142	109.155.70.222	104.157.25.175
103.91.232.18	100.1.63.89	99.48.176.109	96.8.168.146
95.27.174.153	94.241.129.67	92.169.160.111	84.195.54.205